/*
 * 版权所有 (C) 2015 知启蒙(ZHIQIM) 保留所有权利。[遇见知启蒙，邂逅框架梦]
 * 
 * https://zhiqim.org/project/zhiqim_components/zhiqim_manager.htm
 *
 * Zhiqim Manager is licensed under Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *          http://license.coscl.org.cn/MulanPSL2
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */
package org.zhiqim.manager;

import org.zhiqim.kernel.model.codes.MD5;
import org.zhiqim.kernel.model.codes.SHA256;
import org.zhiqim.kernel.util.Ints;
import org.zhiqim.kernel.util.Strings;
import org.zhiqim.kernel.util.Validates;

/**
 * 密码器，系统提供一个默认的SHA256的编码算法和HEX的简单加解密算法
 * 1、建议各系统编写一个子类重写该类的三个方法，并配置到zmr.passwroder中
 * 2、如果未打开保存密码功能，encrypt/decrypt可忽略
 *
 * @version v1.0.0 @author zhichenggang 2017-1-1 新建与整理
 */
public class ZmrPassworder implements ZmrConstants
{
    /**
     * 操作员密码不可逆编码，默认SHA256(name + code + pass + salt)
     * 
     * @param operatorCode      操作员账号
     * @param operatorPass      操作员密码
     * @param operatorPassSalt  操作员密码盐值
     */
    public String encode(String operatorCode, String operatorPass, String operatorPassSalt)
    {
        return SHA256.encodeUTF8(Z_NAME + operatorCode + operatorPass + operatorPassSalt);
    }
    
    /**
     * 密钥编码，默认MD5(name + code + salt)，取MD5前10 + len + 后20
     * 
     * @param operatorCode      操作员账号
     * @param operatorPass      操作员密码
     * @param operatorPassSalt  操作员密码盐值
     * @return                  编码之后的密码
     */
    public String secret(String operatorCode, String operatorPass, String operatorPassSalt)
    {
        String value = Strings.prefixZero(operatorPass.length(), 2);
        String md5 = MD5.encodeUTF8(Z_NAME + operatorCode + operatorPassSalt);
        return md5.substring(0, 10) + value + md5.substring(12);
    }
    
    /**
     * 验证密钥是否正确
     * 
     * @param operatorCode      操作员账号
     * @param operatorPass      操作员密码
     * @param operatorPassSalt  操作员密码盐值
     * @param operatorPassSecr  操作员存储的密钥
     * @return                  =true表示正确
     */
    public boolean secretChk(String operatorCode, String operatorPass, String operatorPassSalt, String operatorPassSecr)
    {
        if (secretLen(operatorPassSecr) != operatorPass.length())
            return false;
        
        return operatorPassSecr.equals(secret(operatorCode, operatorPass, operatorPassSalt));
    }
    
    /**
     * 取出密钥中的真实密码长度值
     * 
     * @param secret  操作员密码
     * @return              加密后密码
     */
    public int secretLen(String secret)
    {
        if (!Validates.isMD5String(secret))
            return 0;
        
        String value = secret.substring(10, 12);
        if (!Validates.isNumeric(value))
            return 0;
        
        return Ints.toInt(value);
    }
}
